package com.uiao.controller;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;

@Controller
public class LoginController {
	
    /**
     * 首页 在xml里配置的successUrl 即登录成功后的访问页面
     *
     * @param model
     * @return
     */
    @GetMapping("/index")
    public String index(Model model) {
    	System.out.println("进入首页");
        return "index";
    }
    
    /**
     * GET 请求登录页面
     * 
     * @return {String}
     */
    @GetMapping("/login")
    public String login() {
        System.out.println("GET请求登录页面");
        if (SecurityUtils.getSubject().isAuthenticated()) {
        	System.out.println("已经验证过了，跳转index");
            return "redirect:/index";
        }
        return "login";
    }
    
    /**
     * 用户登录
     * 
     * @param username
     * @param password
     * @return {String}
     */
	@PostMapping("/login")
	public String logon(@RequestParam("username") String username,
			@RequestParam("password") String password) {
		System.out.println("POST登录验证");
		// 1.创建Subject实例
		Subject currentUser = SecurityUtils.getSubject();

		// 2.判断当前用户是否登录
		if (currentUser.isAuthenticated() == false) {

			// 将用户名和密码封装UsernamePasswordToken
			UsernamePasswordToken taken = new UsernamePasswordToken(username,
					password);
			taken.setRememberMe(true);
			try {
				
				//会在这调用spring-config中配置好的ShiroRealm
				currentUser.login(taken);
				System.out.println("用户名和密码正确，登录成功!");

			} catch (UnknownAccountException e) {
				System.out.println("账号不存在。。。");
				return "error/fail";
			} catch (IncorrectCredentialsException e) {
				System.out.println("密码错误。。。");
				return "error/fail";
			} catch (LockedAccountException e) {
				System.out.println("用户被锁死。。。");
				return "error/fail";
			} catch (AuthenticationException e) {
				System.out.println("登录失败。。。");
				return "error/fail";
			}
		}
		return "index";
	}
	
    /**
     * 未授权页面
     * 
     * @return {String}
     */
    @GetMapping("/unauth")
    public String unauth() {
        if (SecurityUtils.getSubject().isAuthenticated() == false) {
        	
            return "redirect:/login";
        }
        System.out.println("没有权限进入访问资源");
        return "unauth";
    }
    
    /**
     * admin role
     * 请求经授权器（authorizer）拦截后，若有权限则进入此方法
     * @param model
     * @return
     */
    @GetMapping("/admin")
    public String admin(Model model) {
    	System.out.println("进入admin 角色的页面");
        return "admin/admin";
    }
    
    /**
     * pm role
     * 请求经授权器（authorizer）拦截后，若有权限则进入此方法
     * @param model
     * @return
     */
    @GetMapping("/pm")
    public String pm(Model model) {
    	System.out.println("进入pm 角色的页面");
        return "pm/pm";
    }
    
    /**
     * 测试注解，半成品
     */
    @RequiresRoles({"admin"})
    @RequestMapping("/testannotiation")
    public String testAnnotiation() {
    	System.out.println("测试注解");
    	return "index";
	}
    
}
